Two-factor authentication (2FA)
What is two-step verification?
Two-factor authentication (2FA) is a security method that requires a user to confirm their identity in addition to their login email and password. This minimizes the risk of unauthorized access to your account and misuse of your data.
Verification options in our application
1. Authenticator apps (TOTP – Time-based one-time password)
We recommend using the Google Authenticator or Microsoft Authenticator app, which generates one-time codes for verification. See below for instructions on how to set up verification using Google/Microsoft authenticator app.
2. Email verification (default method)
If you don’t set up authenticator app, two-step verification will be done via email. After entering your login email and password, you will receive an email with a link in your inbox. Clicking on this link will log you in to Previo. The link is valid for 1 hour.
Precondition for this login method is of course valid email address used as your login name so you can retrieve the confirmation email.
3. Login with Google or Seznam account
Alternatively, you can sign in with your Google or Seznam account. In this case, two-step verification will be performed through the security of these services.
How to prepare?
- Set your preferred verification method
- Check the email address you use to sign in to Previa and make sure your email address is current and you have access to the mailbox for that address (meaning its a real mailbox).
- We recommend setting up one of the supported authentication apps for faster and more secure authentication.
- Try logging in
- After setup, verify that you can log in to the application without any problems.
Schedule
- From March 3, 2025, 2FA is a mandatory requirement for any login to Previo.
- In addition, from October 30, 2023, two-step authorization using Google Authenticator/Microsoft Authenticator is a prerequisite for viewing full details of credit cards stored in Previo (+ there is a specific user right for this activity).
Verify with Authenticator apps
You can also find the setup procedure in our security webinar at 33:05 . Or below in text form.
1a. Download the Google Authenticator app to your mobile phone , which you can download from the links below.
1b. Download the Microsoft Authenticator to your mobile phone , which you can download from the links below.
Please only download the Google Authenticator/Microsoft Authenticator app from the above links. The app itself is FREE and there are no licensing or monthly fees.
2. In the Settings / Users / User List module, you can view the editing of a specific user, where you check “Active 2FA using Google Authenticator ” and then save the profile.
3. Log out of Previo.
4. After logging in again (entering your username and password), the system will send you an email to your user email address in order to link your account with Google Authenticator/Microsoft Authenticator/Microsoft authenticator app.
5.Click on the link from the email and you will be redirected to page where you will see a QR code and a code containing letters and numbers below it. Do not click the “next” button yet and continue with the setup according to following instructions.
6. Open the Google Authenticator/Microsoft authenticator app on your mobile phone and choose to scan the QR code (1) or type the code into the app (2). Scan or type the code.
Google authenticator qr scanning
Microsoft authenticator qr scanning
7. The application will then display a link to your account with a unique 6-digit code, which changes approximately every minute.
8. Now back to Previo. In the login window with the QR code, click the “Next” button and in the next step, rewrite the six-digit code from the mobile application into the verification window and confirm its entry.
9. You are verified and done 🙂
10. You will not be required to use 2FA the next time you log in from the same browser (or device). This will only happen if you log in from a different browser or a new device. Similarly, you will be required to authenticate if you clear your cookies and browser history.
What should I do if I clicked through from the QR code to the next step without pairing the Google Authenticator app?
First of all you can go back to QR code from the screen where you are supposed to fill in the 6 digits code. Or in the worst case ask someone with access to your Previo profile who has user management permissions to deactivate 2FA authorization for your account, save your user account, and immediately reactivate 2FA authorization. The next time you log in, you will be able to start the whole authentication process again.
What should I do if I deleted the Google Authenticator app or lost my phone?
Ask someone with access to your Previo profile (hotel) who has user management rights to deactivate 2FA authorization for your account, save your user account and immediately reactivate 2FA authorization. This will delete the 2FA key from your profile. When you subsequently try to log in to Previo, the system will again prompt you to re-link your account with Google Authenticator using a QR code.
What to do if you have a new phone? Can linked accounts be transferred?
Yes, it is possible and all you need is an old phone and a new phone with the Google Authenticator app installed. You can find detailed instructions at this link.
What to do if we have multiple Previa users under one login name?
From a security perspective, this approach is incorrect. As we mentioned in our 2019 security article, one Previa user = one user account. Everyone who works with Previa should log in as themselves, and their activities are therefore traceable. Similarly, there is less risk in the theft of one user’s password than in the theft of a single account shared among all employees.
Likewise, when one employee leaves, it is not necessary to change the password for everyone’s account (if it is a shared account), but it is enough to block or delete the user of that employee.
Why are we introducing this change that “doesn’t save you time”?
Almost every day you can hear a report about stolen login details, data leaks, fraudulent messages or other forms of online crime. Caution is definitely in order in the internet environment and this also applies to Previo and access to it. That is why we must respond to the growing danger and increase the level of security of credit cards and other sensitive data of your guests in Previo.
You may struggle with the setup for a while when implementing this measure, but in the long run, this step is extremely important for the security of your data. At the same time, as mentioned above, after the initial setup, you will no longer be required to authenticate when logging in from the same device. However, if anyone else gets hold of your access email and password, they will no longer be able to access Previa.